'PCRegFixer Registry Cleaner' Tech Support Scam Description
The 'PCRegFixer Registry Cleaner' tech support scam is a pop-up attack associated with fake Registry cleaners and corrupted website content. Threat actors whose phone numbers these messages promote may attempt to lock you out of your PC, collect information, or force you to pay money for fraudulent products. Use your anti-malware programs to terminate any symptoms or software related to this hoax and treat any information transferred to entities related to it as being compromised.
A Cleaner Software that's Cleaning out More than Your Registry
The division between a ransom-based attack against your computer and simple adware may seem relatively obvious, but con artists often blur these categorizations with both threatening software and misleading tactics. A recent iteration of a fake Registry cleaner campaign noted as the 'PCRegFixer Registry Cleaner' tech support scam currently, also has ties to related attacks that could do more than just encourage you to spend money on a non-working program. With sufficient access to your PC, the responsible threat actors also may lock you out of your computer completely.
Malware experts are finding limited characteristics of noteworthiness in the PCRegFixer product, which is a conventional, fake 'system-cleaning' Registry scanner. This program pretends to scan your PC for security vulnerabilities and other errors, such as corrupt Registry entries. Both this program and the websites related to it may use pop-ups for promoting its technical support hotline to purchase the 'full version' and removing these fake threats.
The odder aspect of the 'PCRegFixer Registry Cleaner' tech support scam appears with its prolonged interaction with the threat actors, who pose as technical support employees with various companies, such as Microsoft and Apple. They may ask the victim to grant them remote access to the PC. On Windows PCs, victims following these instructions may lock themselves out of their computers by allowing the remote attacker to exploit the default Windows component of Syskey, an encryption utility that also can protect the start-up process with a password. While this attack is much more invasive than it is traditional for such a tactic, it also gives the threat actors extra leverage for demanding money.
Fixing a Security Problem before It Fixes Your PC for Good
A safe counter-response to network-related phishing tactics like the 'PCRegFixer Registry Cleaner' tech support scam always includes disconnecting the compromised PC from the Internet, to prevent any threat actors from making additional changes to your computer. If their system backup data is intact, the users may be able to use the System Restore feature to revert to an earlier, non-password-protected state. In emergencies, there also are free Registry editing programs that can help victims reset their Syskey passwords outside of Windows, although wrong Registry values can cause further damage to the operating system.
Whether this fake technical support team aims for just a little money or total control over your computer, the 'PCRegFixer Registry Cleaner' tech support scam is a multifaceted security. However, even the best tactic only works with the unintentional help of the victim's poor security practices and tendencies towards self-endangerment.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to 'PCRegFixer Registry Cleaner' Tech Support Scam may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.